Topic: An interesting set-up

Here's an interesting case : I want to set up a system with the MD and NAS into one location (say, one city) and a core into another (say, other city). The idea is that the first location can be better secured and not exposed to breakthroughs, while the other, the one which would request most services, needs to be easy on computing equipment. I guess I will be limited to the speed of the connection I can have, but is such a set-up possible and, if yes, how would you do it?

Just for you to get an idea, I want the system services to include in the first phase: access of music, access of books (!!), access and storage of pictures, zwave, and security. As you can see, not yet heavy media streaming - although a solution of that would be great.

Kindly please advise, and if I ask something that already exists (I tried the search and it didn't) my apologies.

If you store all your stuff on your NAS the speed should not be a big problem, except for the starting and working of the MD. The regular setup has a diskless, network booting, MD. This is not really feasible over a WAN. However, it is possible to create a disked MD. That is described in the wiki. If I were in your shoes, I would get someone to install and configure it. If you want to see it as a challenge, go and read the wiki about it.

Are you talking about physical security where the core will be located or network security? I'll be completely honest with you, I think this would be unnecessarily complicated (and I'm a "go big or go home" kind of guy). When I had my second house I thought of doing the same thing, but then I figured for the price of a zwave dongle and a capable PC for a core it would just make sense to have two separate systems. The site-to-site tunnel allowed for accessing media at either location, but that is separate from LMCE.

My opinions aside, you can achieve this. You will need a zwave dongle at each location. For some reason I'm of the impression that you can only have one dongle per system, but it could be one per MD or core (someone enlighten us on that one). If it's one dongle per MD or core then you can control lighting at location B from location A, provided that there is a dongle at location A and B. Your security system will also have to be IP based. You'll need a keypad or some other interface for the sensors at each location. With current internet packages and VPN technology what it is today, speed and reliability won't be a huge problem or a deal breaker.

Now for the tricky part. If you have advanced networking skills, which you're probably lacking since you asked this question (no offense), you'll have to set up a site-to-site tunnel to essentially put both locations on the same network. I say the "same network" but that's not really what you're doing since it's 1: a very bad idea, 2: difficult to keep straight, and 3: unsupported and/or disallowed on most routers. You'll need 2 "advanced" routers (one for each location), to disable the firewall on the core, and a few routes and rules.

ISP <---> Cable Modem <--192.168.3.2 Router B <---192.168.80.0 LMCE Network B

Steps

1: The core will have to be configured to broadcast DHCP offers on all interfaces.

2: A VPN tunnel will have to be created between Routers A and B. (Configuring how the routers handle internet vs. LAN traffic is a whole other conversation with various perks, repercussions, and challenges.)

3: Router B will have to be configured to relay DHCP requests through the VPN tunnel to Router A. Router A will then have to relay these requests to the core.

4: Router A will have to be configured to relay the DHCP offers back to Router B via the tunnel, then Router B has to relay that offer to the requesting client.

5: Typically, LMCE Network A and LMCE Network B will be two separate IP ranges. Because of the nature of LMCE, changing the IP range has negative repercussions. So you'll have to keep these two networks with the same IP range, which means you'll need some fancy rules on Routers A and B to make sure traffic makes it where it needs to go. I've never had to do this (because it's a really bad idea and would be a pain to actually get it to work (in this way)) but I would imagine you'll split the IP range down the middle. Since LMCE already does this you'll be splitting it twice (or else you'll be creating a custom rule on each router for each device on your network). For LMCE devices you'll split that range in half, one half for each location. Then create a rule so Router B knows that devices in the first part of the range are at Router A and vice versa. Then you'll do the same for the non-LMCE devices IP range. LMCE isn't smart enough (no offense devs) to know that you split the range in this way, so you'll have to reassign devices manually as you add them to the system. (Good luck with steps 3 - 5, I've seen this trip up some seasoned network admins.)

6: You'll have to make the core VLAN aware and configure VLANs on the core for the external interface. You'll need a VLAN for the 192.168.80.0 range on the second network.

7: You'll have to create VLANs on the routers as well to match the core. (Steps 6 and 7 should be higher in the process, before setting up DHCP.)

8: You'll have to also create custom rules on the core; after all, the core is a router among other things. It'll have to know that MD 1 (192.168.80.2) is at ETH2 but MD 2 (192.168.80.15) is at ETH1... or better yet Eth1.1.

9: Cross your fingers and hope it all works. (As far as firewall rules, leave all firewall options disabled for the tunnel or allow all traffic (any, any rules).)

Are you still with me? UNNECESSARILY COMPLICATED!

To simplify step 5, give LMCE network B a different IP range. The routers will have to tag DHCP requests and the Core will have to be configured to give different IP configurations for the tagged requests. You'll still have to create rules and routes but they'll be simpler and more industry standard (meaning they'll "just work"). You'll clear up a lot of network related issues but you may experience LMCE specific issues.

Either way good luck getting support from the community, and did I mention unnecessarily complicated? If not... unnecessarily complicated!
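Step 5 of the reply above, worked through as an added example (not part of the original post): splitting a shared 192.168.80.0/24 "down the middle" twice and listing the prefixes each router's rules would have to cover. The boundary between the LMCE-device range and the non-LMCE range (.2-.128 and .129-.254) is an assumption made for illustration, as are the function names.

```python
import ipaddress

# Assumed (constructed) ranges inside 192.168.80.0/24; .1 is left for the core.
LMCE_RANGE = ("192.168.80.2", "192.168.80.128")     # assumption
OTHER_RANGE = ("192.168.80.129", "192.168.80.254")  # assumption


def split_range(first, last):
    """Split the inclusive range [first, last] into two halves at its midpoint."""
    first = ipaddress.IPv4Address(first)
    last = ipaddress.IPv4Address(last)
    mid = ipaddress.IPv4Address((int(first) + int(last)) // 2)
    return (first, mid), (mid + 1, last)


def to_cidrs(first, last):
    """Minimal list of CIDR prefixes that exactly covers [first, last]."""
    return [str(n) for n in ipaddress.summarize_address_range(first, last)]


def site_plan(lmce_range=LMCE_RANGE, other_range=OTHER_RANGE):
    """First half of each range goes to site A, second half to site B."""
    plan = {"A": [], "B": []}
    for first, last in (lmce_range, other_range):
        half_a, half_b = split_range(first, last)
        plan["A"] += to_cidrs(*half_a)
        plan["B"] += to_cidrs(*half_b)
    return plan


def site_for(ip, plan):
    """Return the site whose prefixes contain ip, or None if unassigned."""
    addr = ipaddress.ip_address(ip)
    for site, cidrs in plan.items():
        if any(addr in ipaddress.ip_network(c) for c in cidrs):
            return site
    return None


if __name__ == "__main__":
    plan = site_plan()
    for site, cidrs in plan.items():
        print(f"site {site}: {len(cidrs)} prefixes -> {', '.join(cidrs)}")
```

Because the midpoints do not fall on prefix boundaries, each site ends up needing twelve prefixes, which is the rule sprawl the post warns about; choosing split points on power-of-two boundaries reduces that to a handful.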

Here's an interesting case : I want to set up a system with the MD and NAS into one location (say, one city) and a core into another (say, other city). The idea is that the first location can be better secured and not exposed to breakthroughs, while the other, the one which would request most services, needs to be easy on computing equipment. I guess I will be limited to the speed of the connection I can have, but is such a set-up possible and, if yes, how would you do it?

Just for you to get an idea, I want the system services to include in the first phase: access of music, access of books (!!), access and storage of pictures, zwave, and security. As you can see, not yet heavy media streaming - although a solution of that would be great.

Kindly please advise, and if I ask something that already exists (I tried the search and it didn't) my apologies.

Thank you for your input,

Catalin

It does sound a little over complex, as others have said, and I'm not sure how much more secure it would be either. We provide Remote Access so that you can remotely control multiple Dianemo systems from a single iOS Orbiter... and that seems to be well liked by many customers with multiple dwellings.

We do have customers who have wanted for some time to replicate their iTunes music library in multiple locations and have that happen automatically too. We had looked into doing this with a VPN but that was superseded by Apple introducing iTunes in the Cloud and Match. iTunes in the Cloud means that a customer can now have their iTunes music library in multiple locations - with all kept in sync as new music is ripped or purchased from iTunes. Purchase a track while in your house at location 'A' and magically (Apple like that word ;-) ) moments later it's also in your iOS device's iTunes library and also downloaded in your house at location 'B'. If by some incredible stroke of 'bad' luck your houses at locations 'A' and 'B' both get destroyed by a fire or some natural disaster then your library is still perfectly safe in iCloud. I realise that was not particularly part of your requirement but it does provide enormous flexibility and redundancy.

Thanks both of you for your replies, they did make light into my understanding. I think I tried to oversmart the set-up just because it was a cool idea. I will go then with as classic a set-up as possible.

Thanks again (and Andrew, I'm not in your price range - yet)

You're very welcome indeed.

You can get Remote Access capability with a Dianemo S Software only license... you don't need to purchase hardware from us... just a thought ;-)